The Criminal Use Of AI Is Increasing 

An onslaught of new cyber attack techniques has been developed by criminals to subvert established security measures. Today, those responsible for cyber security in organisations must anticipate the evolving range of threats they face and modify the measures they take to defend their networks.

In particular, they face a new threat as criminals transition to using Artificial Intelligence (AI) to deliver a whole new level of threats - highly convincing phishing emails and automated cyber attacks. The dynamic nature of AI-driven attacks often renders static defence mechanisms ineffective. 

Traditional cyber security measures, like antivirus software, firewalls, and intrusion detection systems, struggle to keep pace, highlighting the need for more adaptive and advanced cyber security strategies. Some of the most notable emerging threats stem from the rapid uptake of AI, and cyber security professionals have witnessed hackers adopt AI at speed, in many cases faster than enterprise SecOps and cybersecurity teams.

With the rise of generative AI systems like ChatGPT and Google Bard, AI is becoming embedded in our everyday lives with growing excitement around what these tools are capable of doing. 

The threat landscape surrounding AI is expanding at an alarming rate. Between January and February 2023, researchers at leading AI-driven cyber security firm Darktrace observed a 135% increase in “novel social engineering” attacks, corresponding with the widespread adoption of ChatGPT.

AI is a double-edged sword in cyber security. Its use by cyber attackers is still in its infancy, but Darktrace expects that the mass availability of generative AI tools like ChatGPT will significantly enhance attackers’ capabilities by providing better tools to generate and automate human-like attacks. 

As organisations increase their digital capabilities across hybrid, multicloud, and Internet-of-things (IoT) environments, they gain more areas to protect and control. 

It also enables criminals to damage operational reliability and undertake new types of crimes, which will lead to even faster and more effective AI-powered attacks and exploits. This type of offensive AI can supercharge criminal attacks, intelligently shifting attack techniques without human input.

Currently there are three areas where Darktrace sees potential for AI to significantly enhance the capabilities of attackers:

  • Increasing the sophistication of low-level threat actors.
  • Increasing the speed of attacks through automation.
  • Eroding trust among users.

Attack data collected between May and July underscore a trend where cyber criminals are increasingly using social engineering techniques to deliver multistage payloads. Darktrace reports a 59% increase in malicious emails sent to potential victims that encourage them to follow a series of steps before delivering a malicious payload or attempting to harvest sensitive information. "Nearly 50,000 more of these attacks were detected by Darktrace in July than May, indicating potential use of automation, and the speed of these types of attacks will likely rise as greater automation and AI are adopted and applied by attackers," according to the Darktrace Cyber AI Research Centre.

The multistage payload technique saw a rise in quishing (phishing using QR codes), which researchers said indicated the use of automation in attacks.

The common denominator in multistage attacks and one-and-done phishing attacks is persuasive and believable text-based communication. Darktrace's research is based on analysis of its own customers and, while it did not conclude that AI was being used in these attacks, it does assert that AI technology could easily be leveraged to streamline attacks. Among the types of products that use AI are antivirus and antimalware, data loss prevention, fraud detection/anti-fraud, identity and access management, intrusion detection/prevention system, and risk and compliance management. 

According to Darktrace, phishing emails impersonating senior executives are down 11%. Attackers switched to impersonating company IT teams, which are up 19%, as employees caught on to the VIP impersonation ruse, according to Darktrace’s data. “While it’s common for attackers to pivot and adjust their techniques as efficacy declines, generative AI, particularly deepfakes, has the potential to disrupt this pattern in favor of attackers,” according to Jack Stockdale, Darktrace’s chief technology officer.   

While Generative AI is a significant new tool for cyber criminals to develop attacks at speed, it can equally have a positive impact to improve enterprise cyber security in target organisations. 

Owen Morris, Director of Enterprise Architecture at Doherty Associates, commented, “It’s clear to see that generative AI is changing the cyber security landscape... what we need to be most concerned about is an arms race in the use of AI, with black-hats adopting it quickly and white-hats needing to do the same. While generative AI can support threat analysts, it is also giving threat actors the capabilities to write scripts that they previously lacked the technical expertise to execute, so business leaders now need to make sure their organisations are equipped to respond to a potential increase in threats."  

Patrick Harr, the CEO of SlashNext, commented, “With the increase in sophistication and volume of threats attacking organisations on all devices, generative AI-based security provides organisations with a fighting chance at stopping these breaches.”

Nicole Carignan, Darktrace's vice president of Strategic Cyber AI, said organisations must also entrust AI to interrupt in-progress, sophisticated attacks. “Adoption will need to increase in the future as novel threats become the new normal.”

Constantly changing malware signatures can help attackers evade static defenses such as firewalls and perimeter detection systems. 

Similarly, AI-powered malware can sit inside a system, collecting data and observing user behavior up until it’s ready to launch another phase of an attack or send out information it has collected with relatively low risk of detection, demonstrating a whole new level of threat that cyber security professionals must adapt to dealing with. 

Darktrace: Darktrace: SCMagazine: CSO Online: Forrester: CNBC: Forbes

Image: igor-omilaev
